pkcs8.h source code [dart_sdk/third_party/boringssl/src/include/openssl/pkcs8.h]

1	/ Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL*
2	* project 1999.
3	*/
4	/ ====================================================================*
5	* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
6	*
7	* Redistribution and use in source and binary forms, with or without
8	* modification, are permitted provided that the following conditions
9	* are met:
10	*
11	* 1. Redistributions of source code must retain the above copyright
12	* notice, this list of conditions and the following disclaimer.
13	*
14	* 2. Redistributions in binary form must reproduce the above copyright
15	* notice, this list of conditions and the following disclaimer in
16	* the documentation and/or other materials provided with the
17	* distribution.
18	*
19	* 3. All advertising materials mentioning features or use of this
20	* software must display the following acknowledgment:
21	* "This product includes software developed by the OpenSSL Project
22	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23	*
24	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25	* endorse or promote products derived from this software without
26	* prior written permission. For written permission, please contact
27	* licensing@OpenSSL.org.
28	*
29	* 5. Products derived from this software may not be called "OpenSSL"
30	* nor may "OpenSSL" appear in their names without prior written
31	* permission of the OpenSSL Project.
32	*
33	* 6. Redistributions of any form whatsoever must retain the following
34	* acknowledgment:
35	* "This product includes software developed by the OpenSSL Project
36	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37	*
38	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
42	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	* OF THE POSSIBILITY OF SUCH DAMAGE.
50	* ====================================================================
51	*
52	* This product includes cryptographic software written by Eric Young
53	* (eay@cryptsoft.com). This product includes software written by Tim
54	* Hudson (tjh@cryptsoft.com). */
55
56
57	#ifndef OPENSSL_HEADER_PKCS8_H
58	#define OPENSSL_HEADER_PKCS8_H
59
60	#include <openssl/base.h>
61	#include <openssl/x509.h>
62
63
64	#if defined(__cplusplus)
65	extern "C" {
66	#endif
67
68
69	// PKCS8_encrypt serializes and encrypts a PKCS8_PRIV_KEY_INFO with PBES1 or
70	// PBES2 as defined in PKCS #5. Only pbeWithSHAAnd128BitRC4,
71	// pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHA1And40BitRC2, defined in PKCS
72	// #12, and PBES2, are supported. PBES2 is selected by setting \|cipher\| and
73	// passing -1 for \|pbe_nid\|. Otherwise, PBES1 is used and \|cipher\| is ignored.
74	//
75	// \|pass\| is used as the password. If a PBES1 scheme from PKCS #12 is used, this
76	// will be converted to a raw byte string as specified in B.1 of PKCS #12. If
77	// \|pass\| is NULL, it will be encoded as the empty byte string rather than two
78	// zero bytes, the PKCS #12 encoding of the empty string.
79	//
80	// If \|salt\| is NULL, a random salt of \|salt_len\| bytes is generated. If
81	// \|salt_len\| is zero, a default salt length is used instead.
82	//
83	// The resulting structure is stored in an \|X509_SIG\| which must be freed by the
84	// caller.
85	OPENSSL_EXPORT X509_SIG PKCS8_encrypt(int* pbe_nid, const EVP_CIPHER *cipher,
86	const char pass, int* pass_len,
87	const uint8_t *salt, size_t salt_len,
88	int iterations,
89	PKCS8_PRIV_KEY_INFO *p8inf);
90
91	// PKCS8_marshal_encrypted_private_key behaves like \|PKCS8_encrypt\| but encrypts
92	// an \|EVP_PKEY\| and writes the serialized EncryptedPrivateKeyInfo to \|out\|. It
93	// returns one on success and zero on error.
94	OPENSSL_EXPORT int PKCS8_marshal_encrypted_private_key(
95	CBB out, int* pbe_nid, const EVP_CIPHER cipher, const* char *pass,
96	size_t pass_len, const uint8_t salt, size_t salt_len, int* iterations,
97	const EVP_PKEY *pkey);
98
99	// PKCS8_decrypt decrypts and decodes a PKCS8_PRIV_KEY_INFO with PBES1 or PBES2
100	// as defined in PKCS #5. Only pbeWithSHAAnd128BitRC4,
101	// pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHA1And40BitRC2, and PBES2,
102	// defined in PKCS #12, are supported.
103	//
104	// \|pass\| is used as the password. If a PBES1 scheme from PKCS #12 is used, this
105	// will be converted to a raw byte string as specified in B.1 of PKCS #12. If
106	// \|pass\| is NULL, it will be encoded as the empty byte string rather than two
107	// zero bytes, the PKCS #12 encoding of the empty string.
108	//
109	// The resulting structure must be freed by the caller.
110	OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO PKCS8_decrypt(X509_SIG pkcs8,
111	const char *pass,
112	int pass_len);
113
114	// PKCS8_parse_encrypted_private_key behaves like \|PKCS8_decrypt\| but it parses
115	// the EncryptedPrivateKeyInfo structure from \|cbs\| and advances \|cbs\|. It
116	// returns a newly-allocated \|EVP_PKEY\| on success and zero on error.
117	OPENSSL_EXPORT EVP_PKEY PKCS8_parse_encrypted_private_key(CBS cbs,
118	const char *pass,
119	size_t pass_len);
120
121	// PKCS12_get_key_and_certs parses a PKCS#12 structure from \|in\|, authenticates
122	// and decrypts it using \|password\|, sets \|out_key\| to the included private*
123	// key and appends the included certificates to \|out_certs\|. It returns one on
124	// success and zero on error. The caller takes ownership of the outputs.
125	// Any friendlyName attributes (RFC 2985) in the PKCS#12 structure will be
126	// returned on the \|X509\| objects as aliases. See also \|X509_alias_get0\|.
127	OPENSSL_EXPORT int PKCS12_get_key_and_certs(EVP_PKEY **out_key,
128	STACK_OF(X509) *out_certs,
129	CBS in, const* char *password);
130
131
132	// Deprecated functions.
133
134	// PKCS12_PBE_add does nothing. It exists for compatibility with OpenSSL.
135	OPENSSL_EXPORT void PKCS12_PBE_add(void);
136
137	// d2i_PKCS12 is a dummy function that copies \|ber_bytes\| into a*
138	// \|PKCS12\| structure. The \|out_p12\| argument should be NULL(✝). On exit,
139	// \|ber_bytes\| will be advanced by \|ber_len\|. It returns a fresh \|PKCS12\|*
140	// structure or NULL on error.
141	//
142	// Note: unlike other d2i functions, \|d2i_PKCS12\| will always consume \|ber_len\|
143	// bytes.
144	//
145	// (✝) If \|out_p12\| is not NULL and the function is successful, \|out_p12\| will*
146	// be freed if not NULL itself and the result will be written to \|out_p12\|.*
147	// New code should not depend on this.
148	OPENSSL_EXPORT PKCS12 d2i_PKCS12(PKCS12 out_p12, const* uint8_t **ber_bytes,
149	size_t ber_len);
150
151	// d2i_PKCS12_bio acts like \|d2i_PKCS12\| but reads from a \|BIO\|.
152	OPENSSL_EXPORT PKCS12* d2i_PKCS12_bio(BIO bio, PKCS12 *out_p12);
153
154	// d2i_PKCS12_fp acts like \|d2i_PKCS12\| but reads from a \|FILE\|.
155	OPENSSL_EXPORT PKCS12* d2i_PKCS12_fp(FILE fp, PKCS12 *out_p12);
156
157	// i2d_PKCS12 is a dummy function which copies the contents of \|p12\|. If \|out\|
158	// is not NULL then the result is written to \|out\| and \|out\| is advanced just
159	// past the output. It returns the number of bytes in the result, whether
160	// written or not, or a negative value on error.
161	OPENSSL_EXPORT int i2d_PKCS12(const PKCS12 p12, uint8_t *out);
162
163	// i2d_PKCS12_bio writes the contents of \|p12\| to \|bio\|. It returns one on
164	// success and zero on error.
165	OPENSSL_EXPORT int i2d_PKCS12_bio(BIO bio, const* PKCS12 *p12);
166
167	// i2d_PKCS12_fp writes the contents of \|p12\| to \|fp\|. It returns one on
168	// success and zero on error.
169	OPENSSL_EXPORT int i2d_PKCS12_fp(FILE fp, const* PKCS12 *p12);
170
171	// PKCS12_parse calls \|PKCS12_get_key_and_certs\| on the ASN.1 data stored in
172	// \|p12\|. The \|out_pkey\| and \|out_cert\| arguments must not be NULL and, on
173	// successful exit, the private key and matching certificate will be stored in
174	// them. The \|out_ca_certs\| argument may be NULL but, if not, then any extra
175	// certificates will be appended to \|out_ca_certs\|. If \|out_ca_certs\| is NULL
176	// then it will be set to a freshly allocated stack containing the extra certs.
177	//
178	// Note if \|p12\| does not contain a private key, both \|out_pkey\| and*
179	// \|out_cert\| will be set to NULL and all certificates will be returned via*
180	// \|out_ca_certs\|. Also note this function differs from OpenSSL in that extra*
181	// certificates are returned in the order they appear in the file. OpenSSL 1.1.1
182	// returns them in reverse order, but this will be fixed in OpenSSL 3.0.
183	//
184	// It returns one on success and zero on error.
185	//
186	// Use \|PKCS12_get_key_and_certs\| instead.
187	OPENSSL_EXPORT int PKCS12_parse(const PKCS12 p12, const* char *password,
188	EVP_PKEY out_pkey, X509 out_cert,
189	STACK_OF(X509) **out_ca_certs);
190
191	// PKCS12_verify_mac returns one if \|password\| is a valid password for \|p12\|
192	// and zero otherwise. Since \|PKCS12_parse\| doesn't take a length parameter,
193	// it's not actually possible to use a non-NUL-terminated password to actually
194	// get anything from a \|PKCS12\|. Thus \|password\| and \|password_len\| may be
195	// \|NULL\| and zero, respectively, or else \|password_len\| may be -1, or else
196	// \|password[password_len]\| must be zero and no other NUL bytes may appear in
197	// \|password\|. If the \|password_len\| checks fail, zero is returned
198	// immediately.
199	OPENSSL_EXPORT int PKCS12_verify_mac(const PKCS12 p12, const* char *password,
200	int password_len);
201
202	// PKCS12_DEFAULT_ITER is the default number of KDF iterations used when
203	// creating a \|PKCS12\| object.
204	#define PKCS12_DEFAULT_ITER 2048
205
206	// PKCS12_create returns a newly-allocated \|PKCS12\| object containing \|pkey\|,
207	// \|cert\|, and \|chain\|, encrypted with the specified password. \|name\|, if not
208	// NULL, specifies a user-friendly name to encode with the key and
209	// certificate. The key and certificates are encrypted with \|key_nid\| and
210	// \|cert_nid\|, respectively, using \|iterations\| iterations in the
211	// KDF. \|mac_iterations\| is the number of iterations when deriving the MAC
212	// key. \|key_type\| must be zero. \|pkey\| and \|cert\| may be NULL to omit them.
213	//
214	// Each of \|key_nid\|, \|cert_nid\|, \|iterations\|, and \|mac_iterations\| may be zero
215	// to use defaults, which are \|NID_pbe_WithSHA1And3_Key_TripleDES_CBC\|,
216	// \|NID_pbe_WithSHA1And40BitRC2_CBC\|, \|PKCS12_DEFAULT_ITER\|, and one,
217	// respectively.
218	//
219	// \|key_nid\| or \|cert_nid\| may also be -1 to disable encryption of the key or
220	// certificate, respectively. This option is not recommended and is only
221	// implemented for compatibility with external packages. Note the output still
222	// requires a password for the MAC. Unencrypted keys in PKCS#12 are also not
223	// widely supported and may not open in other implementations.
224	//
225	// If \|cert\| or \|chain\| have associated aliases (see \|X509_alias_set1\|), they
226	// will be included in the output as friendlyName attributes (RFC 2985). It is
227	// an error to specify both an alias on \|cert\| and a non-NULL \|name\|
228	// parameter.
229	OPENSSL_EXPORT PKCS12 PKCS12_create(const* char password, const* char *name,
230	const EVP_PKEY pkey, X509 cert,
231	const STACK_OF(X509) chain, int* key_nid,
232	int cert_nid, int iterations,
233	int mac_iterations, int key_type);
234
235	// PKCS12_free frees \|p12\| and its contents.
236	OPENSSL_EXPORT void PKCS12_free(PKCS12 *p12);
237
238
239	#if defined(__cplusplus)
240	} // extern C
241
242	extern "C++" {
243
244	BSSL_NAMESPACE_BEGIN
245
246	BORINGSSL_MAKE_DELETER(PKCS12, PKCS12_free)
247	BORINGSSL_MAKE_DELETER(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free)
248
249	BSSL_NAMESPACE_END
250
251	} // extern C++
252
253	#endif
254
255	#define PKCS8_R_BAD_PKCS12_DATA 100
256	#define PKCS8_R_BAD_PKCS12_VERSION 101
257	#define PKCS8_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 102
258	#define PKCS8_R_CRYPT_ERROR 103
259	#define PKCS8_R_DECODE_ERROR 104
260	#define PKCS8_R_ENCODE_ERROR 105
261	#define PKCS8_R_ENCRYPT_ERROR 106
262	#define PKCS8_R_ERROR_SETTING_CIPHER_PARAMS 107
263	#define PKCS8_R_INCORRECT_PASSWORD 108
264	#define PKCS8_R_KEYGEN_FAILURE 109
265	#define PKCS8_R_KEY_GEN_ERROR 110
266	#define PKCS8_R_METHOD_NOT_SUPPORTED 111
267	#define PKCS8_R_MISSING_MAC 112
268	#define PKCS8_R_MULTIPLE_PRIVATE_KEYS_IN_PKCS12 113
269	#define PKCS8_R_PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED 114
270	#define PKCS8_R_PKCS12_TOO_DEEPLY_NESTED 115
271	#define PKCS8_R_PRIVATE_KEY_DECODE_ERROR 116
272	#define PKCS8_R_PRIVATE_KEY_ENCODE_ERROR 117
273	#define PKCS8_R_TOO_LONG 118
274	#define PKCS8_R_UNKNOWN_ALGORITHM 119
275	#define PKCS8_R_UNKNOWN_CIPHER 120
276	#define PKCS8_R_UNKNOWN_CIPHER_ALGORITHM 121
277	#define PKCS8_R_UNKNOWN_DIGEST 122
278	#define PKCS8_R_UNKNOWN_HASH 123
279	#define PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 124
280	#define PKCS8_R_UNSUPPORTED_KEYLENGTH 125
281	#define PKCS8_R_UNSUPPORTED_SALT_TYPE 126
282	#define PKCS8_R_UNSUPPORTED_CIPHER 127
283	#define PKCS8_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 128
284	#define PKCS8_R_BAD_ITERATION_COUNT 129
285	#define PKCS8_R_UNSUPPORTED_PRF 130
286	#define PKCS8_R_INVALID_CHARACTERS 131
287	#define PKCS8_R_UNSUPPORTED_OPTIONS 132
288	#define PKCS8_R_AMBIGUOUS_FRIENDLY_NAME 133
289
290	#endif // OPENSSL_HEADER_PKCS8_H
291

source code of dart_sdk/third_party/boringssl/src/include/openssl/pkcs8.h